Do I have to share Google Drive folder for service account access?

10
votes

I have created a service account for use with the Google Drive API as outlined here: https://developers.google.com/drive/delegation

After all the reading I've done, my impression is that this service account should act on behalf of the actual account which is part of the Google Apps for Business domain being used.

With that, I would expect that no special permissions would be needed to be dealt with when dealing with Google Drive folders. However, after authenticating and trying to list the contents of a folder, nothing is shown.

If I add the service account email address specifically to the "share" list for the folder, everything seems to work as intended. I can list the files in the folder using the API.

My question is, is this the way it's supposed to be or am I missing something that would allow the service account to access folders on behalf of the actual account without having to specifically add the service account email address to the share list?

Thank you for your time.

1
google-drive-apigoogle-drive-realtime-api
Have you added the appropiate oauth permissions to the gapps domain?Are you using a p12 file?Zig Mandel
Yes and yes. Everything works fine if I share the folder with the service account's email address, I'm just not sure if that's a necessary step or if I've missed something.edeneye
can we do the reverse? share the server account folder with a google drive user accountMiguel
@edeneye how to add service account in to the "share" list for the folder.Sonali

1 Answers

-1
votes

You need to impersonate the user with his/her email. Go through the steps explained on https://developers.google.com/drive/delegation and use the snippets below for further coding reference.